Your client data deserves bank-level protection. Here's how we keep it safe.
All data is encrypted using AES-256, the same standard used by banks and government agencies. Your files are encrypted before they touch our servers.
All data transfers use TLS 1.3, ensuring your uploads and downloads are protected from interception.
All data is stored in SOC 2 Type II certified data centers located in the United States (AWS/Supabase infrastructure).
Your client data is NEVER used to train AI models. We use AI for search, but your data stays yours.
SOC 2 Type II Compliance (Roadmap)
We are actively working toward SOC 2 Type II certification to provide additional assurance of our security practices.
GDPR Compliant
We support data subject rights including access, correction, and deletion.
CCPA Compliant
California residents have full rights under the CCPA.
Active Accounts: Your data is retained for as long as your account is active. You can delete individual cases or your entire account at any time.
Account Deletion: When you delete your account, all associated data is permanently removed from our systems within 30 days.
Demo Sessions: Data uploaded during demo sessions (without an account) is automatically deleted after 1 hour.
Backups: Encrypted backups are retained for up to 90 days for disaster recovery purposes.